CVE-2019-18575

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system.
References
Link Resource
https://www.dell.com/support/article/SLN319715 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:dell:command|configure:*:*:*:*:*:*:*:*

Information

Published : 2019-12-06 09:15

Updated : 2020-10-16 01:33


NVD link : CVE-2019-18575

Mitre link : CVE-2019-18575

Products Affected
No products.